Running applications with DB roles defined

I have a question on how we currently deploy applications on premises and how this would work in Azure.

So our on premises application is as follows:

• We have a web application deployed on our web server (WebAppExample1) that talks to an application (AppServerExampl开发者_开发百科e1) on our App Server.
• AppServerExample1 goes to our database for data in Table1.
• In our database the only application that requires permission to Table1 is AppServerExample1, so we create a DB Role and grant appropriate permissions. We associate this role with an Active directory user (AppServerExample1User) that AppServerExample1 runs as.

How can this be done in Azure?

From looking at some samples I dont see anyone defining permissions at this level, which to me should be done (least privelage).

Also I believe you can not be an Admin in SQL Azure so does this mean you cannot create DB roles? Thanks for replies

---

From everything I've read I believe you can create Roles in SQL Azure - e.g. see http://www.structuretoobig.com/post/2010/02/13/SQL-Azure-Logins.aspx

If you try and find you can't, then perhaps you could achieve this using users with different permissions rather than roles - see http://msdn.microsoft.com/en-us/library/ee336235.aspx#DatabasePerms

This database-level permission model in SQL Azure Database is same as an on-premise instance of SQL Server. For information, see the following topics in SQL Server Books Online references.

Identity and Access Control (Database Engine) Managing Logins, Users, and Schemas How-to Topics
Lesson 2: Configuring Permissions on Database Objects